]> git.tuebingen.mpg.de Git - paraslash.git/blobdiff - client_common.c
projects / paraslash.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge topic branch t/openssl-3 into pu
[paraslash.git] / client_common.c
diff --git a/client_common.c b/client_common.c
index 43527ddb71647eee5936760cda40e722085b21f8..b6603f12aab51c55c9c60a5d0243295afa445581 100644 (file)
--- a/client_common.c
+++ b/client_common.c
@@ -324,7 +324,7 @@ static int client_post_monitor(struct sched *s, void *context)
                 */
                {
                /* decrypted challenge/session key buffer */
-               unsigned char crypt_buf[1024];
+               unsigned char *crypt_buf;
                struct sb_buffer sbb;
 
                ret = recv_sb(ct, &sbb);
@@ -337,22 +337,31 @@ static int client_post_monitor(struct sched *s, void *context)
                }
                n = sbb.iov.iov_len;
                PARA_INFO_LOG("<-- [challenge] (%zu bytes)\n", n);
-               ret = apc_priv_decrypt(ct->key_file, crypt_buf,
+               ret = apc_priv_decrypt(ct->key_file, &crypt_buf,
                        sbb.iov.iov_base, n);
                free(sbb.iov.iov_base);
                if (ret < 0)
                        goto out;
+               if (ret != APC_CHALLENGE_SIZE + 2 * SESSION_KEY_LEN) {
+                       free(crypt_buf);
+                       ret = -E_DECRYPT;
+                       goto out;
+               }
                ct->challenge_hash = alloc(HASH2_SIZE);
                if (has_feature("sha256", ct)) {
-                       hash2_function((char *)crypt_buf, APC_CHALLENGE_SIZE, ct->challenge_hash);
+                       hash2_function((char *)crypt_buf, APC_CHALLENGE_SIZE,
+                               ct->challenge_hash);
                        hash2_to_asc(ct->challenge_hash, buf);
                } else {
-                       hash_function((char *)crypt_buf, APC_CHALLENGE_SIZE, ct->challenge_hash);
+                       hash_function((char *)crypt_buf, APC_CHALLENGE_SIZE,
+                               ct->challenge_hash);
                        hash_to_asc(ct->challenge_hash, buf);
                }
-               ct->scc.send = sc_new(crypt_buf + APC_CHALLENGE_SIZE, SESSION_KEY_LEN);
-               ct->scc.recv = sc_new(crypt_buf + APC_CHALLENGE_SIZE + SESSION_KEY_LEN,
-                       SESSION_KEY_LEN);
+               ct->scc.send = sc_new(crypt_buf + APC_CHALLENGE_SIZE,
+                        SESSION_KEY_LEN);
+               ct->scc.recv = sc_new(crypt_buf + APC_CHALLENGE_SIZE
+                       + SESSION_KEY_LEN, SESSION_KEY_LEN);
+               free(crypt_buf);
                PARA_INFO_LOG("--> %s\n", buf);
                ct->status = CL_RECEIVED_CHALLENGE;
                return 0;
@@ -556,7 +565,7 @@ int client_parse_config(int argc, char *argv[], struct client_task **ct_ptr,
        struct lls_parse_result *lpr;
        int ret, ll;
        struct client_task *ct;
-       char *kf = NULL, *user, *errctx, *home = para_homedir();
+       char *kf = NULL, *user, *errctx;
 
        ret = lls(lls_parse(argc, argv, cmd, &lpr, &errctx));
        if (ret < 0)
@@ -578,9 +587,17 @@ int client_parse_config(int argc, char *argv[], struct client_task **ct_ptr,
        if (CLIENT_OPT_GIVEN(KEY_FILE, lpr))
                kf = para_strdup(CLIENT_OPT_STRING_VAL(KEY_FILE, lpr));
        else {
-               kf = make_message("%s/.paraslash/key.%s", home, user);
-               if (!file_exists(kf)) {
+               struct stat statbuf;
+               const char *confdir = get_confdir();
+               kf = make_message("%s/key.%s", confdir, user);
+               if (stat(kf, &statbuf) != 0) { /* assume file does not exist */
+                       const char *home = getenv("HOME");
                        free(kf);
+                       if (!home || !*home) {
+                               ret = -ERRNO_TO_PARA_ERROR(EINVAL);
+                               errctx = make_message("HOME unset or empty");
+                               goto out;
+                       }
                        kf = make_message("%s/.ssh/id_rsa", home);
                }
        }
@@ -595,7 +612,6 @@ int client_parse_config(int argc, char *argv[], struct client_task **ct_ptr,
        *ct_ptr = ct;
        ret = lls_num_inputs(lpr);
 out:
-       free(home);
        if (ret < 0) {
                if (errctx)
                        PARA_ERROR_LOG("%s\n", errctx);
paraslash - network audio streaming tools